india employmentnews

Cyber fraud on LinkedIn: This is how fraudsters are targeting people, learn how to avoid it.


LinkedIn Cyber Fraud: A new phishing scam is spreading rapidly on the digital networking platform LinkedIn. This time, cybercriminals are specifically targeting senior executives and business leaders in the finance sector. These fraudsters are abandoning the old email method and are now attempting to steal people's Microsoft login credentials through LinkedIn direct messages.

How is this new phishing attack working?

Cybersecurity firm Push Security has uncovered this high-risk LinkedIn phishing campaign. According to the report, attackers create a professional and genuine-looking profile on LinkedIn. They then send the target an 'exclusive invitation' to join a fake board called the Commonwealth Investment Fund.

The message reads something like this: "We're inviting you to join the executive board of our new Commonwealth Investment Fund, which is launching in South America."

Such an offer sounds quite prestigious, leading many professionals to consider it a golden opportunity for their career. But this is where the real game begins.

The fraud begins as soon as you click.

After clicking on the link in the message, the user is redirected first to Google Search, then to an attacker-controlled site, and finally to a fake Microsoft login page. This page looks exactly like the real Microsoft sign-in screen.

As soon as the user enters their email and password, this information goes directly to the cybercriminals. This means that with one click, your entire corporate account and data could be at risk.
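Because the fake page copies the real sign-in screen, the reliable check is the host in the address bar, and the redirect chain described above can be reviewed in web-proxy or browser logs. The following Python is an added example, not code from Push Security's report or from this article; the allow-list of Microsoft sign-in hosts, the page-title heuristic, the function names and the sample URLs are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: sign-in hosts your organisation expects; extend for federated IdPs.
MS_LOGIN_HOSTS = {"login.microsoftonline.com", "login.live.com", "login.microsoft.com"}
GOOGLE_HOST = re.compile(r"(www\.)?google\.(com|[a-z]{2,3}|com?\.[a-z]{2})")

def host_of(url):
    """Lower-cased hostname; urlsplit discards any user@ prefix and the port."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def is_ms_login_host(url):
    """Exact-match allow-list check, so look-alike subdomains do not pass."""
    return urlsplit(url).scheme == "https" and host_of(url) in MS_LOGIN_HOSTS

def assess_click(hops, final_title):
    """hops: ordered URLs of one click's redirect chain; final_title: last page's <title>."""
    findings = []
    # A search-engine hop before the final page matches the chain described above.
    if any(GOOGLE_HOST.fullmatch(host_of(u)) for u in hops[:-1]):
        findings.append("search_redirect")
    final, title = hops[-1], final_title.lower()
    signin_page = "sign in" in title and (
        "microsoft" in title or "microsoft" in host_of(final))
    # Microsoft-styled sign-in page served from a host outside the allow-list.
    if signin_page and not is_ms_login_host(final):
        findings.append("fake_ms_login:" + host_of(final))
    return findings

# Constructed sample chains (not taken from the report).
PHISH = ["https://www.google.com/search?q=constructed-sample",
         "https://landing.example/invite",
         "https://login.microsoftonline.com.signin.example/common/oauth2"]
GENUINE = ["https://login.microsoftonline.com/common/oauth2/authorize"]

if __name__ == "__main__":
    print(assess_click(PHISH, "Sign in to your Microsoft account"))
    print(assess_click(GENUINE, "Sign in to your account"))
```

The exact-match comparison is what rejects a host that merely begins with a Microsoft name or places it before an `@` in the URL.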

New ways to avoid security bots

According to Push Security, these attackers are now using highly advanced techniques. They put bot-protection technologies such as CAPTCHA and Cloudflare Turnstile in front of their sites so that automated security scanners cannot scan the pages and block them.

New Threat from LinkedIn

The report also states that phishing campaigns are no longer limited to email but are also spreading on social media platforms. This attack is particularly dangerous on professional networks like LinkedIn, where corporate accounts and business data are at stake.

Push Security warned, "Even though this attack occurred on a 'personal' app like LinkedIn, it could give hackers access to key corporate accounts and services like Microsoft and Google. This could put the entire organization's data at risk."

Be cautious, not every offer is genuine.

If you receive an offer for board membership or an investment fund on LinkedIn, don't click on it without verifying it. Check the source before opening any link or document. A simple click could open your entire corporate network to a cyber attack.